Skip to content
PacketFu, a mid-level packet manipulation library for Ruby
Find file
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
examples
lib
test
.document
.gitignore
INSTALL.rdoc
LICENSE.txt
README.rdoc
packetfu.gemspec
setup.rb

README.rdoc

PacketFu

A library for reading a writing packets to an interface or to a libpcap-formatted file.

It is maintained at code.google.com/p/packetfu and github.com/todb/packetfu (which repository will win?)

Documentation

PacketFu is rdoc-compatible, which means it's sdoc compatible. In the same directory as this file, run “sdoc” by itself (gem install sdoc), and then view doc/index.html with your favored browser. Once that's done, navigate at the top, and read up on how to create a Packet or Capture from an interface with show_live or whatever.

Requirements

PcapRub:

$ svn co www.metasploit.com/svn/framework3/trunk/external/pcaprub

or

$ rvm gem install pcaprub

Marshall Beddoe's PcapRub is required only for packet reading and writing from a network interfaces (which is a pretty big only). PcapRub itself relies on libpcap 0.9.8 or later for packet injection. PcapRub also requires root privilieges to access the interface directly.

Platforms

I tend to test with the following (with bash):

date > /tmp/tests.txt; for i in default 1.8.6-p420 1.8.7-p334 1.9.1-p431 1.9.2-p180 1.9.3-head
do rvm use $i >> /tmp/tests.txt
echo Testing with $i
echo $i >> /tmp/tests.txt; echo +++++++++++++++++++++++ >> /tmp/tests.txt
rvmsudo ./all_tests.rb >> /tmp/tests.txt; rspec . >> /tmp/tests.txt
done

Passing Platforms

  • 1.9.1-p378

  • 1.8.7-p334

  • 1.9.2-p180 (suggested version)

  • 1.9.3-head

Problem Platforms

Technically, these are pcaprub problems and not PacketFu problems, but PacketFu should at least fail better at them.

Incidentally, I suspect these Ruby problems are the crux of the Mac OSX problems that people report. Try a different Ruby build and please let me know what works for you.

Examples

PacketFu ships with dozens and dozens of tests, built on Test::Unit. These should give good pointers on how you're expected to use it. See the /tests directory. Furthermore, PacketFu also ships with packetfu-shell.rb, which should be run via IRB (as root, if you intend to use your interfaces).

Author

PacketFu is maintained primarily by Tod Beardsley todb@planb-security.net, with help from Open Source Land.

See LICENSE for licensing details.

Something went wrong with that request. Please try again.